GSO segmentation in zero-copy mode is broken
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Fix Released
|
Medium
|
Unassigned |
Bug Description
[SRU Justification]
[Setup]
- 2 or more QEMU Guest VMs sharing the the same host
- the Guests are communicating using virtio-net-pci devices
- vhost-net is enabled
[Explanation]
If one Guest VM sends GSO packets to another while GRO is disabled for receiver, so these packets are segmented by net/core.
In this case, if zero-copy is enabled in vhost-net, the GSO packets TX completion is reported to userspace as before the TX is actually done.
The vhost-net's zero-copy mechanism is enabled by default since v3.8-rc1 (f9611c43).
[Impact]
Incorrect/junk data sent in case the transmitting Guest OS re-uses/frees the TX buffer immediately upon TX completion.
[Test Case]
Windows 2008R2 Guest VMs running MS HCK Offload LSO test.
NOTE1: GRO is always disabled in this case because it's not supported by Windows Guest virtio-net-pci drivers.
NOTE2: MS HCK re-uses the GSO (LSO) buffers, so it reproduces the issue every time.
[Note]
This bug has been fixed in v3.14-rc7 by 1fd819ec (https:/
The fix actually disables zero copy for this case since it forces unconditional fragments copying, but it resolves the issue mentioned.
Changed in linux (Ubuntu): | |
importance: | Undecided → Medium |
tags: | added: saucy trusty |
This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:
apport-collect 1328973
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the Ubuntu Kernel Team.